Ok. So you know when you are sucking off your ISP and when it is coming in
normally.
I have the impression that the mail does run through SA when it comes in
from the ISP.
What you should do in this case is set up your trust path to include the ISP
in the trusted_hosts. Then, if you are running net rules, the stuff coming
in to the ISP will be the boundary, and the DUL rules and the like will fire
correctly.
Of course, if your ISP is sending you spam, it will now be getting
ALL_TRUSTED and probably manage to get through.
Loren
